Skip to content

Commit ca0540d

Browse files
mbgmbg
committed
Check that individual proxy configurations are objects
1 parent e9938e3 commit ca0540d

File tree

6 files changed

+40
-2
lines changed

6 files changed

+40
-2
lines changed

lib/start-proxy.js

Lines changed: 3 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/start-proxy.js.map

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/start-proxy.test.js

Lines changed: 9 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

lib/start-proxy.test.js.map

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/start-proxy.test.ts

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,9 @@ import { setupTests } from "./testing-utils";
66

77
setupTests(test);
88

9+
const toEncodedJSON = (data: any) =>
10+
Buffer.from(JSON.stringify(data)).toString("base64");
11+
912
test("getCredentials prefers registriesCredentials over registrySecrets", async (t) => {
1013
const registryCredentials = Buffer.from(
1114
JSON.stringify([
@@ -46,6 +49,25 @@ test("getCredentials throws an error when configurations are not an array", asyn
4649
);
4750
});
4851

52+
test("getCredentials throws error when credential is not an object", async (t) => {
53+
const testCredentials = [["foo"], [null]].map(toEncodedJSON);
54+
55+
for (const testCredential of testCredentials) {
56+
t.throws(
57+
() =>
58+
startProxyExports.getCredentials(
59+
getRunnerLogger(true),
60+
undefined,
61+
testCredential,
62+
undefined,
63+
),
64+
{
65+
message: "Invalid credentials - must be an object",
66+
},
67+
);
68+
}
69+
});
70+
4971
test("getCredentials throws error when credential missing host and url", async (t) => {
5072
const registryCredentials = Buffer.from(
5173
JSON.stringify([{ type: "npm_registry", token: "abc" }]),

src/start-proxy.ts

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,10 @@ export function getCredentials(
7272

7373
const out: Credential[] = [];
7474
for (const e of parsed) {
75+
if (e === null || typeof e !== "object") {
76+
throw new ConfigurationError("Invalid credentials - must be an object");
77+
}
78+
7579
// Mask credentials to reduce chance of accidental leakage in logs.
7680
if (e.password !== undefined) {
7781
core.setSecret(e.password);

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy